Senior Manager Cyber Security and CISO

Job Description

The role is accountable for the creation, implementation and oversight of strategies and programs designed to reduce and mitigate information security risk across the Association, leading an enterprise-wide information security and assurance function and framework, ensuring that confidentiality, integrity and availability requirements of information systems and assets are identified and managed appropriately.

This leadership position reports to and works with the Chief Information & Technology Officer (CITO) and other department leaders, including business services, technical services, and the technology office to design and execute the company’s technology roadmap. This forward-looking technology leader participates in the execution of a 24/7 cybersecurity support strategy.

As a member of the Information & Technology leadership team, the CISO plays an influential role in making investment and priority trade-off decisions, negotiating, and managing vendor contracts, and recruiting, retaining, and developing high-performing teams.

Tri-State recognizes the value of a highly-engaged and committed workforce and provides an excellent benefits program that includes:

Medical Insurance, Dental Insurance, Vision Insurance, Health Savings Account (HSA), Flexible Spending Accounts (FSA), Tuition Reimbursement, Flexible Work Schedules including compressed work week and telecommuting opportunities to work remotely up to 40%, Life Insurance, 401K, Long Term Disability (LTD), Short Term Disability (STD), Employee Assistant Program (EAP) and Paid Leave Benefits.

Senior Manager Grid Cyber Security and CISO

Hiring Salary Range: $141,000-$218,000

Actual compensation offer to candidate may vary outside of the posted hiring salary range based upon work experience, education, and/or skill level.

Responsibilities

- Cyber Security:

- Provide vision, leadership, and management of the assessment, planning, and execution of the company’s information security strategies, policies, and procedures in conjunction with functional groups across the organization including Energy Markets, Transmission Operations, Reliability Compliance, Physical Security, Generating Stations, and Geographic Information Systems.

- Act as the focal point for information security, confidentiality, classification, and associated incident response arrangements.

- Establish and build sound business relationships across the enterprise to enable a strong understanding and close alignment with business needs, direction, and risk tolerance.

- Provide clear and timely business advice to executive management and the Board of Directors on key information security and assurance issues.

- Ensure ongoing analysis of information security threats, vulnerabilities, assessing impacts and driving responses. Determine potential impact on the organization’s risk posture.

- Develop and implement processes to ensure staff are appropriately skilled in monitoring and responding to security incidents.

- Direct detailed analysis and continuing management of cyber security functions, interoperability of current and proposed cyber systems, infrastructure security requirements, and security related software, hardware, and services.

- Create, manage, and deliver effective information security awareness training to all employees.

- Collaborate and recommend provisioning of technical expertise for all information security compliance requirements including North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) requirements and support related audits.

- Provide strategic information security and risk guidance to third-party suppliers in accordance with internal frameworks and ensure compliance with required controls.

- Conduct information security risk assessments across the enterprise at suitable intervals. Ensure that key risk issues are understood, communicated, and tracked. Regularly verify that required information security and risk controls are in place, raising findings as non-compliance if found, and driving improvement.

- Develop and report on key performance indicators and metrics to measure the effectiveness of cybersecurity initiatives.

- Stay abreast of emerging threats, technologies, and regulatory changes, and proactively adapt the security strategy.

- Leadership Accountabilities:

- Enterprise Focus and Leadership: Understands and embraces the tenants of the Association’s business strategy and plans, and ensures adherence to enterprise vision, mission, values, strategies, goals, objectives, and priorities. Establishes clear focus and direction for direct reports and program areas. Effectively leads through change and adversity and demonstrates the ability to successfully resolve issues as they arise. Participates in key substantive discussions and supports decisions. Establishes a positive and supportive environment for employees.

- Member System Focus: Continually supports Tri-State’s mission and identifies opportunities to serve Member Systems more effectively. Is a champion of the cooperative business model and embraces the Cooperative Principles.

- Managerial Responsibilities:

- Ensure 100% compliance with all laws, rules, regulations, and requirements in functional areas. Ensures that established business processes are captured and maintained as part of Tri-State’s policies and procedures.

- Ensures that training and development needs for each employee have been identified and that adequate learning opportunities are provided.

- Ensures that team and individual employee execution is evaluated against established goals and objectives for all accountabilities. Ensures that delegated functions effectively forecast work and resource needs, including human, capital, and physical resources, and recommends annual budgets to meet goals and objectives aligned to support enterprise strategies, goals, and objectives. Actively monitors performance against budget, identifies variances, and backcasts against forecasts to identify and learn from error.

- Mentor future cybersecurity leaders within the organization.

- Because Tri-State has an obligation to provide continuous, reliable electric service to its customers, the ability to work overtime at any time of the day or week is considered an essential function of the job.

Other Duties/Responsibilities

- Perform other related duties as assigned

Success Factors/Job Competencies

- Leadership: Demonstrated ability to identify functional area needs and establish goals and objectives to ensure alignment with enterprise goals.

- Planning: Ability to think ahead and plan upcoming initiatives including prioritizing workload, developing schedules and meeting deadlines.

- Management/Supervision: Ability to organize and manage multiple priorities and assigned staff.

- Time management: the ability to prioritize and schedule projects and meet deadlines.

- Problem analysis and problem resolution at both strategic and functional levels.

- Business risks: ability to weigh business risks and ensure compliance with appropriate information security measures.

- Demonstrate behavior consistent with company values

- Excellent interpersonal and communication skills

- Strong team player

Qualifications

Education and Training:

- Bachelor of Science degree in Computer Science, engineering, or related area of study, or equivalent experience gained through progressively greater responsibilities.

- Professional certification such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC) or other information security credentials is preferred.

Knowledge, Skills, And Ability

- Deep understanding of information security architecture including firewalls, anti-virus, intrusion detection/intrusion prevention systems, virtual private networks, remote access systems, network zoning, centralized monitoring, and application scanning.

- Knowledge of information security and risk control frameworks such as NIST CSF, CIS Contols, and Cybersecurity Capability Maturity Model is preferred.

- Demonstrated consultative approach to driving change and deploying controls.

- Strong facilitation skills and a clear ability to build strong relationships with business stakeholders at all levels, including executive managers and vendors.

- Strategic long-term planning and goal setting to anticipate future opportunities and issues.

- Deep understanding of enterprise information security, discipline, processes, concepts, and best practices.

- Demonstrated record of building and maintaining highly collaborative, flexible, and productive cross-organization teams.

- Excellent written and verbal communications and the ability to articulate complex technical ideas to non-technical stakeholders.

- Ability to quickly grasp how new technologies work and how they might be applied to achieve cybersecurity and business goals.

- Knowledge of technological trends and developments in the area of information security and risk management.

- Strong, proven problem-solving skills and the ability to identify, analyze, and resolve problems, driving solutions through to completion.

- Demonstrated ability to effectively lead teams, delivering high performance and customer satisfaction.

Other

- Willingness and ability to travel as required for training and meetings throughout service territory.

- Must be able to perform all essential functions of the job.

About Us

Tri-State is a wholesale power supply cooperative, operating on a not-for-profit basis, with 43 members, including 40 utility electric distribution cooperative and public power district members in four states: Colorado, Nebraska, New Mexico and Wyoming. Together with its members, Tri-State delivers reliable, affordable and responsible power and energy services to more than a million electricity consumers across nearly 200,000 square miles of the West.

Tri-State was founded in 1952 by its member systems to provide a reliable, cost-based supply of electricity. Headquartered in Westminster, Colo., approximately 1,200 people are employed by Tri-State across five states.

Tri-State's electricity is generated from coal, natural gas and hydropower, with a rapidly increasing supply generated from wind and solar. Tri-State delivers power to its members through a transmission system that includes substation facilities, telecommunications sites and over 5,700 miles of high voltage transmission lines. Tri-State's transformative Responsible Energy Plan is reducing emissions, increasing renewable resources, developing new energy services and delivering more flexibility for its members.

Job Identification:

461

Job Category:

Information Technology

Posting Date: 2025-09-03T13:59:57+00:00

Job Schedule:

Full time

Hiring Salary Range:

$141,000-$218,000

Locations:

1100 W 116th Ave, Westminster, CO, 80234, US

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status.